Severity

Affected components

Affected versions

Fixed versions

Description

Messaging applications using the Proton Python API to provision an
SSL/TLS encrypted TCP connection may actually instantiate a
non-encrypted connection without notice if SSL support is
unavailable. This will result in all messages being sent in the clear
without the knowledge of the user.

This issue affects applications that use the Proton Reactor Python API
to create SSL/TLS connections. Specifically, the
proton.reactor.Connector, proton.reactor.Container, and
proton.utils.BlockingConnection classes are vulnerable. These classes
can create an unencrypted connection even when the "amqps://" URL
prefix is used.

The issue only occurs if the installed Proton libraries do not support
SSL. This would be the case if the libraries were built without SSL
support or the necessary SSL libraries are not present on the system
(e.g. OpenSSL in the case of *nix).

To check whether or not the Python API provides SSL support, use the
following console command:

In addition, the issue can only occur if both ends of the connection
connect without SSL. This would be the case if the vulnerability is
active on both ends of the connection, or the non-affected endpoint
allows cleartext connections.
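A guard an application can apply before handing a URL to the Connector, Container or BlockingConnection classes, written here as an added example rather than Proton's own code: it refuses an "amqps://" URL when the installed libraries lack SSL support instead of letting the connection silently fall back to cleartext. The `ssl_present` callable is a parameter so the example runs without Proton installed; in a real deployment it is assumed you would pass `proton.SSL.present`.

```python
from urllib.parse import urlsplit


class SSLUnavailable(Exception):
    """Raised when an amqps:// connection is requested but SSL support is missing."""


def ssl_required(url: str) -> bool:
    """True if the URL asks for an encrypted connection via the amqps scheme."""
    return urlsplit(url).scheme.lower() == "amqps"


def check_tls_available(url: str, ssl_present) -> str:
    """Guard to call before passing `url` to a Proton connection class.

    `ssl_present` is a zero-argument callable reporting whether the installed
    Proton libraries were built with SSL support (assumed: proton.SSL.present).
    Returns the URL unchanged when it is safe to use; raises SSLUnavailable
    rather than allowing an amqps:// URL to produce a cleartext connection.
    """
    if ssl_required(url) and not ssl_present():
        raise SSLUnavailable(
            f"SSL/TLS requested by {url!r} but the Proton libraries lack SSL support"
        )
    return url


if __name__ == "__main__":
    # Constructed demo: simulate a Proton build with and without SSL support.
    for present in (True, False):
        try:
            check_tls_available("amqps://broker.example.net:5671", lambda: present)
            print("ok: encrypted connection may be opened")
        except SSLUnavailable as exc:
            print("refused:", exc)
```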

Resolution

Proton release 0.12.1 resolves this issue by raising an SSLUnavailable
exception when SSL is not available and an SSL/TLS connection is
requested via the "amqps://" URL prefix.